I'm collecting some info on the password hashing algorithms in use on various Unix systems. So far I have:
no $ legacy unix crypt
$1$ MD5
$2$ Blowfish on BSD
$2a$ alternate Blowfish on BSD
$md5$ Sun's alternate MD5
$3$ a Microsoft hash
$4$ not used?
$5$ RedHat proposed Sha-256
$6$ RedHat proposed Sha-512
Does anyone have any more info? I'm particularly interested in what happened to $4$ and some info on which Microsoft hash is represented by $3$. And I would be interested to learn about any algorithms I missed.
Very minor addition:
Solaris 10:
etc/security/crypt.conf can have:
1 crypt_bsdmd5.so.1 crypt_bsdmd5 compatible with md5crypt on BSD and Linux systems.
2a crypt_bsdbf.so.1 blowfish
md5 crypt_sunmd5.so.1 MD5 variant
Here are some more, Default on RHEL6 is SHA512
md5 - when a user changes their password next, encrypt it with the md5 algorithm.
sha256 - when a user changes their password next, encrypt it with the sha256 algorithm.
sha512 - when a user changes their password next, encrypt it with the sha512 algorithm.
bigcrypt - when a user changes their password next, excrypt it with the DEC C2 - algorithm(0).
If you need to change this in rhel then use /etc/sysconfig/system-auth, be carefull